Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backend] Problem in delete contact us api Fixed #933

Merged
merged 1 commit into from
May 19, 2024
Merged

[Backend] Problem in delete contact us api Fixed #933

merged 1 commit into from
May 19, 2024

Conversation

Hemu21
Copy link
Contributor

@Hemu21 Hemu21 commented May 19, 2024

Issue that this pull request solves

Issue Link resolve #932

Closes: #932

Brief description of what is fixed or changed

Delete contact us is not working properly. and contact us routes fixing. and adding validation. fixed. now delete works properly.

Types of changes

Put an x in the boxes that apply

  • Bugfix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update (Documentation content changed)
  • Other (please describe):

Checklist

Put an x in the boxes that apply

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • My changes does not break the current system and it passes all the current test cases.

@auto-assign auto-assign bot requested a review from Kajol-Kumari May 19, 2024 07:34
github-advanced-security[bot]
github-advanced-security bot found potential problems May 19, 2024
View reviewed changes
backend/app/routes/contactUs/index.js
router.post('/contactus', validation(contactValidationSchema), postContact);
router.delete("/deleteContactUs", deleteContactUs);
router.get('/getcontactus', getContact);
router.post('/',authMiddleware, validation(contactValidationSchema), postContact);

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
backend/app/routes/contactUs/index.js
router.delete("/deleteContactUs", deleteContactUs);
router.get('/getcontactus', getContact);
router.post('/',authMiddleware, validation(contactValidationSchema), postContact);
router.delete("/deleteContactUs",authMiddleware, deleteContactUs);

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
Loading
, but is not rate-limited.
backend/app/routes/contactUs/index.js
router.delete("/deleteContactUs", deleteContactUs);
router.get('/getcontactus', getContact);
router.post('/',authMiddleware, validation(contactValidationSchema), postContact);
router.delete("/deleteContactUs",authMiddleware, deleteContactUs);

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
a database access
Loading
, but is not rate-limited.
@Hemu21
Copy link
Contributor Author

Hemu21 commented May 19, 2024

@Kajol-Kumari can you please check and merge it.

Kajol-Kumari
Kajol-Kumari reviewed May 19, 2024
View reviewed changes
backend/app/routes/contactUs/delete.js
errStack: 'Both IDs are required to delete a contact',
});
return next(error);
if (!payload.isSuperAdmin) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[ques] why are we doing this check? shouldn't auth middleware take care of it?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Kajol-Kumari It is the code flow. I followed based on existing code bases.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Kajol-Kumari in every file they is this type of check. So I thought Auth Middleware doesn't handle it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can u provide me the reference of where do u see it, it shouldn't be required ideally, try removing and then test the delete functionality, it should not work without authorization key of an admin

Copy link
Contributor Author

@Hemu21 Hemu21 May 19, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Kajol-Kumari can you please check this here i saw like this Here

@Kajol-Kumari Kajol-Kumari merged commit b9790b3 into HITK-TECH-Community:main May 19, 2024
6 of 7 checks passed
@Kajol-Kumari Kajol-Kumari added level2 Bug fixing, adding small features. gssoc GSSoC'24 Label labels May 19, 2024
@Kajol-Kumari Kajol-Kumari mentioned this pull request May 22, 2024
Closed
11 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Kajol-Kumari Kajol-Kumari Kajol-Kumari approved these changes

Assignees
No one assigned
Labels
gssoc GSSoC'24 Label level2 Bug fixing, adding small features.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Backend] Problem in delete contact us api
2 participants
@Hemu21 @Kajol-Kumari